Important
Panoptis: A project to detect and block DoS/DDoS attacks
What is Panoptis?
Panoptis is a project started some time ago, with the aim to stop the Denial of Service and Distributed Denial of Service attacks that have been torturing the Internet for the last few years. It is based on real-time processing of Cisco (R) NetFlow (TM) data, since this seems to be the most efficient approach as it is router-centric, allowing for automated central response without intervention from the affected organizations' network administrators.
Current status
Panoptis is now in a beta stage, and released under the GNU Public License. At the moment, Panoptis detects the attacks (it is quite successful at that), and uses the mail.py script to notify the administrators through email that an attack has started (or ended). It also connects to potential peers to notify them. You can download the source code (0.1.3 release) and compile/run it. There is also a SourceForge project page over here. If an attack takes place but panoptis outputs nothing, email me and let me know (if you are using it along with other packages like cflowd and can provide me with any diagrams and other data, that would be really great). Also, let me know if panoptis reports an attack but there's really no attack going on.
"You can't really stop DoS/DDoS attacks"
*WE* can :) There is code already added to Panoptis, that aims at creating a mesh of detectors that cooperate to trace-back attacks. The code is neither activated, nor tested yet, but it is a priority for the short-term future.